package cn.com.demo.controller;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;

@RestController
@RequestMapping("/demo")
public class DemoController {
    @Autowired
    HttpServletRequest request;
    @GetMapping("/test")
    public String test(){
        return "OK";
    }
    @GetMapping("/info")
    public String info(){
        return SecurityContextHolder.getContext().getAuthentication().getName();
    }
    @GetMapping("/p1")
    @Secured({"ROLE_admin"})
    //@PreAuthorize("hasAnyAuthority('p1')")
    public String p1(){
        return "p1";
    }
    @GetMapping("/p2")
    @Secured({"ROLE_test"})
    //@PreAuthorize("hasAnyAuthority('p2')")
    public String p2(){
        return "p2";
    }
    @GetMapping("/t1")
    @PreAuthorize("hasAnyAuthority('/demo/t1')")
    public String t1(){
        return "t1";
    }
    @GetMapping("/t2")
    @PreAuthorize("hasAnyAuthority('/demo/t2')")
    public String t2(){
        return "t2";
    }
}
